diff --git a/core/modules/user/config/user.mail.yml b/core/modules/user/config/user.mail.yml
index ea33738..8135993 100644
--- a/core/modules/user/config/user.mail.yml
+++ b/core/modules/user/config/user.mail.yml
@@ -10,6 +10,12 @@ register_admin_created:
 register_no_approval_required:
   body: "[user:name],\n\nThank you for registering at [site:name]. You may now log in by clicking this link or copying and pasting it to your browser:\n\n[user:one-time-login-url]\n\nThis link can only be used once to log in and will lead you to a page where you can set your password.\n\nAfter setting your password, you will be able to log in at [site:login-url] in the future using:\n\nusername: [user:name]\npassword: Your password\n\n--  [site:name] team"
   subject: 'Account details for [user:name] at [site:name]'
+register_password_set_activation:
+  body: "[user:name],\n\nYour account at [site:name] has been activated.\n\nYou will be able to log in to [site:login-url] in the future using:\n\nusername: [user:name]\npassword: your password.\n\n--  [site:name] team"
+  subject: 'Account details for [user:name] at [site:name]'
+register_password_set:
+  body: "[user:name],\n\nThank you for registering at [site:name]. You may now log in and verify your account by clicking this link or copying and pasting it to your browser:\n\n[user:one-time-login-url]\n\nThis link can only be used once. You will be able to log in at [site:login-url] in the future using:\n\nusername: [user:name]\npassword: Your password\n\n--  [site:name] team"
+  subject: 'Account details for [user:name] at [site:name]'
 register_pending_approval:
   body: "[user:name],\n\nThank you for registering at [site:name]. Your application for an account is currently pending approval. Once it has been approved, you will receive another e-mail containing information about how to log in, set your password, and other details.\n\n\n--  [site:name] team"
   subject: 'Account details for [user:name] at [site:name] (pending admin approval)'
diff --git a/core/modules/user/lib/Drupal/user/AccountFormController.php b/core/modules/user/lib/Drupal/user/AccountFormController.php
index ca8e638..162b2a0 100644
--- a/core/modules/user/lib/Drupal/user/AccountFormController.php
+++ b/core/modules/user/lib/Drupal/user/AccountFormController.php
@@ -105,7 +105,9 @@ public function form(array $form, array &$form_state) {
         $form['#validate'][] = 'user_validate_current_pass';
       }
     }
-    elseif (!$config->get('verify_mail') || $admin) {
+    // Show the password fields on registration when verify_mail is false,
+    // or verify_mail & password_register are set or the user is an admin.
+    elseif (!$config->get('verify_mail') || ($config->get('verify_mail') && $config->get('password_register')) || $admin) {
       $form['account']['pass'] = array(
         '#type' => 'password_confirm',
         '#size' => 25,
diff --git a/core/modules/user/lib/Drupal/user/AccountSettingsForm.php b/core/modules/user/lib/Drupal/user/AccountSettingsForm.php
index b3d0d17..a2c6470 100644
--- a/core/modules/user/lib/Drupal/user/AccountSettingsForm.php
+++ b/core/modules/user/lib/Drupal/user/AccountSettingsForm.php
@@ -129,6 +129,22 @@ public function buildForm(array $form, array &$form_state) {
       '#default_value' => $config->get('verify_mail'),
       '#description' => t('New users will be required to validate their e-mail address prior to logging into the site, and will be assigned a system-generated password. With this setting disabled, users will be logged in immediately upon registering, and may select their own passwords during registration.')
     );
+    $form['registration_cancellation']['user_password_register'] = array(
+      '#type' => 'checkbox',
+      '#title' => t('Require people to choose a password during registration.'),
+      '#description' => t('If <em>Require e-mail verification</em> is disabled, this setting is automatically enabled.'),
+      '#default_value' => $config->get('password_register'),
+      '#states' => array(
+        // Disable this option if email_verification is unchecked.
+        'disabled' => array(
+          'input[name="user_email_verification"]' => array('checked' => FALSE),
+        ),
+        // Enable this option if email_verification is checked.
+        'enabled' => array(
+          'input[name="user_email_verification"]' => array('checked' => TRUE),
+        ),
+      )
+    );
     $form['registration_cancellation']['user_password_strength'] = array(
       '#type' => 'checkbox',
       '#title' => t('Enable password strength indicator'),
@@ -259,6 +275,46 @@ public function buildForm(array $form, array &$form_state) {
       '#rows' => 15,
     );
 
+  $form['email_password_set_activation'] = array(
+    '#type' => 'details',
+    '#title' => t('Welcome (password set at registration)'),
+    '#collapsed' => TRUE,
+    '#description' => t('Edit the welcome e-mail messages sent to new members upon registering, when no administrator approval is required and password has already been set.') . ' ' . $email_token_help,
+    '#group' => 'email',
+  );
+  $form['email_password_set_activation']['user_mail_register_password_set_activation_subject'] = array(
+    '#type' => 'textfield',
+    '#title' => t('Subject'),
+    '#default_value' => $mail_config->get('register_password_set_activation.subject'),
+    '#maxlength' => 180,
+  );
+  $form['email_password_set_activation']['user_mail_register_password_set_activation_body'] = array(
+    '#type' => 'textarea',
+    '#title' => t('Body'),
+    '#default_value' => $mail_config->get('register_password_set_activation.body'),
+    '#rows' => 15,
+  );
+
+  $form['email_password_set'] = array(
+    '#type' => 'details',
+    '#title' => t('Account activation (password set at registration)'),
+    '#collapsed' => TRUE,
+    '#description' => t('Edit the activation e-mail messages sent to new members upon registering, when no administrator approval is required and password has already been set during registration.') . ' ' . $email_token_help,
+    '#group' => 'email',
+  );
+  $form['email_password_set']['user_mail_register_password_set_subject'] = array(
+    '#type' => 'textfield',
+    '#title' => t('Subject'),
+    '#default_value' => $mail_config->get('register_password_set.subject'),
+    '#maxlength' => 180,
+  );
+  $form['email_password_set']['user_mail_register_password_set_body'] = array(
+    '#type' => 'textarea',
+    '#title' => t('Body'),
+    '#default_value' => $mail_config->get('register_password_set.body'),
+    '#rows' => 15,
+  );
+
     $form['email_password_reset'] = array(
       '#type' => 'details',
       '#title' => t('Password recovery'),
@@ -417,6 +473,7 @@ public function submitForm(array &$form, array &$form_state) {
       ->set('register', $form_state['values']['user_register'])
       ->set('password_strength', $form_state['values']['user_password_strength'])
       ->set('verify_mail', $form_state['values']['user_email_verification'])
+      ->set('password_register', $form_state['values']['user_password_register'])
       ->set('signatures', $form_state['values']['user_signatures'])
       ->set('cancel_method', $form_state['values']['user_cancel_method'])
       ->set('notify.status_activated', $form_state['values']['user_mail_status_activated_notify'])
@@ -432,6 +489,10 @@ public function submitForm(array &$form, array &$form_state) {
       ->set('register_admin_created.subject', $form_state['values']['user_mail_register_admin_created_subject'])
       ->set('register_no_approval_required.body', $form_state['values']['user_mail_register_no_approval_required_body'])
       ->set('register_no_approval_required.subject', $form_state['values']['user_mail_register_no_approval_required_subject'])
+      ->set('register_password_set_activation.body', $form_state['values']['user_mail_register_password_set_activation_body'])
+      ->set('register_password_set_activation.subject', $form_state['values']['user_mail_register_password_set_activation_subject'])
+      ->set('register_password_set.body', $form_state['values']['user_mail_register_password_set_body'])
+      ->set('register_password_set.subject', $form_state['values']['user_mail_register_password_set_subject'])
       ->set('register_pending_approval.body', $form_state['values']['user_mail_register_pending_approval_body'])
       ->set('register_pending_approval.subject', $form_state['values']['user_mail_register_pending_approval_subject'])
       ->set('status_activated.body', $form_state['values']['user_mail_status_activated_body'])
diff --git a/core/modules/user/lib/Drupal/user/RegisterFormController.php b/core/modules/user/lib/Drupal/user/RegisterFormController.php
index ceecd65..b9c76bf 100644
--- a/core/modules/user/lib/Drupal/user/RegisterFormController.php
+++ b/core/modules/user/lib/Drupal/user/RegisterFormController.php
@@ -71,15 +71,24 @@ protected function actions(array $form, array &$form_state) {
    * Overrides Drupal\Core\Entity\EntityFormController::submit().
    */
   public function submit(array $form, array &$form_state) {
+    $config = config('user.settings');
     $admin = $form_state['values']['administer_users'];
 
-    if (!config('user.settings')->get('verify_mail') || $admin) {
+    if (!$config->get('verify_mail') || ($config->get('verify_mail') && $config->get('password_register')) || $admin) {
       $pass = $form_state['values']['pass'];
     }
     else {
       $pass = user_password();
     }
 
+    // If we are not an admin and we try to register and password_register
+    // is set, make sure the status is set to disabled before we save
+    // the newly created account. This also prevents sending out the default
+    // activation e-mail.
+    if ($config->get('verify_mail') && $config->get('password_register') && empty($form_state['values']['uid']) && !$admin) {
+      $form_state['values']['status'] = NULL;
+    }
+
     // Remove unneeded values.
     form_state_values_clean($form_state);
 
@@ -115,6 +124,14 @@ public function save(array $form, array &$form_state) {
     if ($admin && !$notify) {
       drupal_set_message(t('Created a new user account for <a href="@url">%name</a>. No e-mail has been sent.', array('@url' => url($uri['path'], $uri['options']), '%name' => $account->name)));
     }
+    // E-mail verification enabled, but users set a password during registration.
+    elseif (!$admin && (config('user.settings')->get('register') == USER_REGISTER_VISITORS && config('user.settings')->get('password_register') && !$account->status)) {
+      // Notify the user.
+      _user_mail_notify('register_password_set', $account);
+
+      drupal_set_message(t('A welcome message with further instructions has been sent to your e-mail address.'));
+      $form_state['redirect'] = '';
+    }
     // No e-mail verification required; log in user immediately.
     elseif (!$admin && !config('user.settings')->get('verify_mail') && $account->status) {
       _user_mail_notify('register_no_approval_required', $account);
diff --git a/core/modules/user/lib/Drupal/user/UserStorageController.php b/core/modules/user/lib/Drupal/user/UserStorageController.php
index 3d8e981..1678aeb 100644
--- a/core/modules/user/lib/Drupal/user/UserStorageController.php
+++ b/core/modules/user/lib/Drupal/user/UserStorageController.php
@@ -146,8 +146,26 @@ protected function postSave(EntityInterface $entity, $update) {
 
       // Send emails after we have the new user object.
       if ($entity->status != $entity->original->status) {
-        // The user's status is changing; conditionally send notification email.
-        $op = $entity->status == 1 ? 'status_activated' : 'status_blocked';
+        // If we are not called with user_pass_set_notify enabled.
+        if (empty($entity->user_pass_set_notify)) {
+          // The user's status is changing; conditionally send notification email.
+          $op = $entity->status == 1 ? 'status_activated' : 'status_blocked';
+          // If password_register is set, and the account is about to be
+          // enabled, change the $op to the correct activated e-mail
+          // for password_register, instead of the normal status_activated.
+          // The account has to be brand new and never signed in for this to work.
+          if (!$entity->login && config('user.settings')->get('password_register') && !$entity->original->status && !$entity->status) {
+            $op = 'register_password_set';
+          }
+        }
+        // Send the password_set activation e-mail to the user
+        // if the account never signed in and if we are
+        // called from the user_register_form and password_register
+        // is set to enabled.
+        elseif (!empty($entity->user_pass_set_notify) && !$entity->original->status) {
+          $op = 'register_password_set_activation';
+        }
+        // Notify the user.
         _user_mail_notify($op, $entity);
       }
     }
diff --git a/core/modules/user/user.install b/core/modules/user/user.install
index 4f22958..3e51ec1 100644
--- a/core/modules/user/user.install
+++ b/core/modules/user/user.install
@@ -1057,5 +1057,24 @@ function user_update_8017() {
 }
 
 /**
+ * Add variables for password_register to mail and settings.
+ *
+ * @ingroup config_upgrade
+ */
+function user_update_8018() {
+  update_variables_to_config('user.mail', array(
+    'register_password_set_activation_subject' => 'register_password_set_activation.subject',
+    'register_password_set_activation_body' => 'register_password_set_activation.body',
+    'register_password_set_subject' => 'register_password_set.subject',
+    'register_password_set_body' => 'register_password_set.body',
+  ));
+  update_variables_to_config('user.settings', array(
+    'user_password_register' => 'password_register',
+    'register_password_set_activation' => 'register_password_set_activation',
+    'register_password_set' => 'register_password_set',
+  ));
+}
+
+/**
  * @} End of "addtogroup updates-7.x-to-8.x".
  */
diff --git a/core/modules/user/user.module b/core/modules/user/user.module
index 42a79db..da4b9ef 100644
--- a/core/modules/user/user.module
+++ b/core/modules/user/user.module
@@ -2374,6 +2374,8 @@ function user_preferred_langcode($account, $type = NULL, $default = NULL) {
  *     self-registers.
  *   - 'register_pending_approval': Welcome message, user pending admin
  *     approval.
+ *   - 'register_password_set': Welcome message, password set.
+ *   - 'register_password_set_activation': Activation message, password set.
  *   - 'password_reset': Password recovery request.
  *   - 'status_activated': Account activated.
  *   - 'status_blocked': Account blocked.
diff --git a/core/modules/user/user.pages.inc b/core/modules/user/user.pages.inc
index 5f0cfab..4b2365d 100644
--- a/core/modules/user/user.pages.inc
+++ b/core/modules/user/user.pages.inc
@@ -62,7 +62,26 @@ function user_pass_validate($form, &$form_state) {
     form_set_value(array('#parents' => array('account')), $account, $form_state);
   }
   else {
-    form_set_error('name', t('Sorry, %name is not recognized as a username or an e-mail address.', array('%name' => $name)));
+    // We could still be dealing with a user that wants to reset
+    // an account that's still blocked and never verified.
+    // But we wil only check for this, if password_register is set.
+    if (config('user.settings')->get('password_register')) {
+      // Try to load by email.
+      $users = entity_load_multiple_by_properties('user', array('mail' => $name, 'status' => '0', 'login' => 0));
+      $account = reset($users);
+      if (!$account) {
+        // No success, try to load by name.
+        $users = entity_load_multiple_by_properties('user', array('name' => $name, 'status' => '0', 'login' => 0));
+        $account = reset($users);
+      }
+      if (isset($account->uid)) {
+        form_set_value(array('#parents' => array('account')), $account, $form_state);
+      }
+    }
+    // And then, if we still do not have a uid, trow an error.
+    if (!isset($account->uid)) {
+      form_set_error('name', t('Sorry, %name is not recognized as a username or an e-mail address.', array('%name' => $name)));
+    }
   }
 }
 
@@ -154,6 +173,29 @@ function user_pass_reset($form, &$form_state, $uid, $timestamp, $hashed_pass, $a
         drupal_goto('user/password');
       }
     }
+    // The user is possibly using a one-time-login link with a password
+    // already set. Make sure the account is never used and blocked
+    // and password register is set.
+    elseif (config('user.settings')->get('password_register') && $timestamp <= $current && $account && $account->status == $account->login) {
+      if ($account->uid && $timestamp >= $account->login && $timestamp <= $current && $hashed_pass == user_pass_rehash($account->pass, $timestamp, $account->login)) {
+        watchdog('user', 'User %name used one-time login link at time %timestamp.', array('%name' => $account->name, '%timestamp' => $timestamp));
+
+        // Set the account's status to enabled (activate the account).
+        $account->status = 1;
+        // Set a flag to prevent mail_notify running for 'status' update.
+        $account->user_pass_set_notify = 1;
+        // Save the account.
+        $account->save();
+        // Set the new user.
+        $user = $account;
+
+        // user_login_finalize() also updates the login timestamp of the
+        // user, which invalidates further use of the one-time login link.
+        user_login_finalize();
+        drupal_set_message(t('You have just used your one-time login link. Your account is now active.'));
+        drupal_goto('user');
+      }
+    }
     else {
       // Deny access, no more clues.
       // Everything will be in the watchdog's URL for the administrator to check.